Ensuring the safety and cybersecurity of enterprise companies is highly important these days. Since many companies worldwide have already transitioned to the work-from-home arrangements, they continue to appear on the radar of threat actors in large numbers.
Microsoft wants businesses to enable MFA
These days, attackers leave no stones unturned when it comes to cashing in on the on-going panic caused by the pandemic, and research groups continue to observe instances where hackers are found attacking enterprise companies.
Microsoft has advised companies to provide their employees with the right set of resources to securely access data over the cloud network. In her blog post, Ann Johnson, Corporate Vice President of Cybersecurity Solutions Group at Microsoft, wrote:
“Organizations must now be able to provide their people with the right resources so they are able to securely access data, from anywhere, 100 percent of the time.”
According to Johnson, every person with corporate network access should be regularly trained to develop a cyber-resilient mindset. In addition to following a set of IT security policies spanning identity-based access controls, every person with corporate network access should also be trained enough to alert IT about suspicious events and infections as soon as possible.
“They shouldn’t just adhere to a set of IT security policies around identity-based access control, but they should also be alerting IT to suspicious events and infections as soon as possible to help minimize time to remediation.”
Microsoft has advised businesses to enable multi-factor authentication (MFA) for their employees. The MFA provides users with an additional layer of security. Earlier, Microsoft stated 99 percent of compromised accounts in January this year did not use Multi-factor authentication.
Jonhson has shared her three-pronged approach of turning on multi-factor authentication (MFA):
- 100 percent of your employees, 100 percent of the time.
- Using Secure Score to increase an organization’s security posture.
- Having a mature patching program that includes containment and isolation of devices that cannot be patched.
Last week, Microsoft announced its Cybersecurity Awareness Kit that promises to help enterprises empower their employees on the matter of cybersecurity.